Refactor MariaDB role to stabilize initialization:

- Unify encoding/collation variables
- Improve connection logic for mysql_db module
- Switch to PyMySQL install path to avoid mysqlclient build failures
- Update healthcheck to container-friendly CMD-SHELL usage
- Normalize network and port configuration

These changes were applied during CI/CD pipeline debugging. The root CI/CD connectivity issue is still not fixed.

Reference: https://chatgpt.com/share/6931adf0-ce7c-800f-86f3-f867fbd3191f

roles/svc-db-mariadb/tasks/01_core.yml

@@ -9,15 +9,50 @@
   community.general.pacman: 
     name: python-mysqlclient
     state: present
+  when: not IS_CONTAINER | bool
 
+- name: Ensure PyMySQL is installed for Ansible interpreter
+  ansible.builtin.pip:
+    name: PyMySQL
+  when: IS_CONTAINER | bool
+    
 - name: "Wait until the MariaDB container with hostname '{{ MARIADB_NAME }}' is healthy"
   community.docker.docker_container_info:
     name: "{{ MARIADB_NAME }}"
   register: db_info
   until:
-  - db_info.container is defined
-  - db_info.container.State.Health.Status == "healthy"
+    - db_info.container is defined
+    - db_info.container.State.Health.Status == "healthy"
   retries: 30
   delay: 5
 
+- name: "Wait until MariaDB accepts root credentials (inside container)"
+  community.docker.docker_container_exec:
+    container: "{{ MARIADB_NAME }}"
+    command: >
+      mariadb
+      {{ '-h127.0.0.1 -P3306' if MARIADB_EXPOSE_LOCAL else '' }}
+      -uroot -p'{{ MARIADB_ROOT_PWD }}'
+      -e 'SELECT 1;'
+  register: mariadb_cli
+  changed_when: false
+  retries: 30
+  delay: 5
+  until: mariadb_cli.rc == 0
+
+- name: "Wait until MariaDB accepts root credentials (via mysql_db)"
+  community.mysql.mysql_db:
+    name: "{{ MARIADB_HEALTHCHECK_DB }}"
+    state: present
+    login_user: root
+    login_password: "{{ MARIADB_ROOT_PWD }}"
+    login_host: "{{ MARIADB_HOST }}"
+    login_port: "{{ MARIADB_PORT }}"
+    config_file: ""
+  register: mariadb_ready
+  retries: 30
+  delay: 5
+  until: mariadb_ready is succeeded
+  changed_when: false
+
 - include_tasks: utils/once/flag.yml

roles/svc-db-mariadb/tasks/02_init.yml

@@ -4,27 +4,21 @@
     state:          present
     login_user:     root
     login_password: "{{ MARIADB_ROOT_PWD }}"
-    login_host:     127.0.0.1
-    login_port:     "{{ database_port }}"
-    encoding:       "{{ database_encoding }}"
-    collation:      "{{ database_collation }}"
+    login_host:     "{{ MARIADB_HOST }}"
+    login_port:     "{{ MARIADB_PORT }}"
+    encoding:       "{{ MARIADB_ENCODING }}"
+    collation:      "{{ MARIADB_COLLATION }}"
+    config_file:    ""
 
 - name: "Create database user: {{ database_username }}"
   community.mysql.mysql_user:
-    name:     "{{ database_username }}"
-    password: "{{ database_password }}"
-    host: "%"
-    priv: '{{ database_name }}.*:ALL'
-    state: present
-    login_user: root
-    login_password: "{{MARIADB_ROOT_PWD}}"
-    login_host: 127.0.0.1
-    login_port: "{{ database_port }}"
-
-# Deactivated due to https://chatgpt.com/share/683ba14b-0e74-800f-9ad1-a8979bc77093
-# @todo Remove if this works fine in the future. 
-#- name: Grant database privileges
-#  ansible.builtin.shell:
-#    cmd: "docker exec {{MARIADB_NAME }} mariadb -u root -p{{ MARIADB_ROOT_PWD }} -e \"GRANT ALL PRIVILEGES ON `{{ database_name }}`.* TO '{{ database_username }}'@'%';\""
-#  args:
-#    executable: /bin/bash
+    name:           "{{ database_username }}"
+    password:       "{{ database_password }}"
+    host:           "%"
+    priv:           '`{{ database_name }}`.*:ALL'
+    state:          present
+    login_user:     root
+    login_password: "{{ MARIADB_ROOT_PWD }}"
+    login_host:     "{{ MARIADB_HOST }}"
+    login_port:     "{{ MARIADB_PORT }}"
+    config_file:    ""